—–BEGIN PGP SIGNED MESSAGE—–

Hash: SHA256

Multiple Vulnerabilities in Apple Products

Indian – Computer Emergency Response Team (https://www.cert-in.org.in)

Severity Rating: High

Software Affected

Apple iOS and iPadOS versions prior to 26.3

Apple iOS and iPadOS versions prior to 18.7.5

Apple macOS Tahoe versions prior to 26.3

Apple macOS Sequoia versions prior to 15.7.4

Apple macOS Sonoma versions prior to 14.8.4

Apple Safari versions prior to 26.3

Apple tvOS versions prior to 26.3

Apple watchOS versions prior to 26.3

Apple visionOS versions prior to 26.3

Overview

Multiple vulnerabilities have been reported in Apple Products which could allow an attacker to execute arbitrary code, gain elevated privileges, disclose sensitive information, bypass security restrictions or can cause denial of service condition on the targeted system.

Target Audience:

All organizations and individuals using Apple Products.

Risk Assessment:

High risk of information disclosure, code execution and denial of service.

Impact Assessment:

Potential for data theft, propagation of malware, and system crash.

Description

Multiple vulnerabilities have been reported in Apple products.

A memory corruption vulnerability (CVE-2026-20700) exists in Apple’s Dynamic Link Editor (dyld) that could allow an attacker with memory write capabilities to execute arbitrary code on affected devices.

Note: This vulnerability (CVE-2026-20700) is being exploited in the wild. Users are advised to apply patches immediately.

Solution

Apply appropriate patches as mentioned in the Apple Security Updates  

https://support.apple.com/en-in/126347

https://support.apple.com/en-in/126346

https://support.apple.com/en-in/126348

https://support.apple.com/en-in/126354

https://support.apple.com/en-in/126349

https://support.apple.com/en-in/126350

https://support.apple.com/en-in/126351

https://support.apple.com/en-in/126352

https://support.apple.com/en-in/126353

Vendor Information

Apple

https://support.apple.com/en-in/126347

https://support.apple.com/en-in/126346

https://support.apple.com/en-in/126348

https://support.apple.com/en-in/126354

https://support.apple.com/en-in/126349

https://support.apple.com/en-in/126350

https://support.apple.com/en-in/126351

https://support.apple.com/en-in/126352

https://support.apple.com/en-in/126353

– —

Thanks and Regards,

CERT-In

Incident Response Help Desk

e-mail: incident@cert-in.org.in

Phone: +91-11-22902657

Toll Free Number: 1800-11-4949

Toll Free Fax : 1800-11-6969

Web: http://www.cert-in.org.in

PGP Fingerprint: A768 083E 4475 5725 B81A A379 2156 C0C0 B620 D0B4

PGP Key information:

https://www.cert-in.org.in/s2cMainServlet?pageid=CONTACTUS

Postal address:

Indian Computer Emergency Response Team (CERT-In)

Ministry of Electronics and Information Technology

Government of India

Electronics Niketan

6, C.G.O. Complex

New Delhi-110 003

—–BEGIN PGP SIGNATURE—–

iQIzBAEBCAAdFiEE6r4Iam/Ey0c/KakL3jCgcSdcys8FAmmPQ0sACgkQ3jCgcSdc

ys+AOw/+LatfDubl4QfK+oRkcPXOwsskG267N7smNC//aOe7P5FdTOU/RglkAi52

ghTjBuDQH+hVMs8wB8jWmTKeNNDQb5EpvaIgw5An9j6sxpXW0QYRT+EIYIcJrNqW

XcO5Lh9Cz4qImg/JFBuGRRl/SSO1CqtVqgW+VBV6Z4mEYwG+FCFMYQUIh+kUQbDs

9iLhk/XWv47rQWYO2LndGpi3sue6G2vxVQnLq0ZtsEKeQzZprC1EaKjaSCgf5+oV

e4OMp70VuCV2QOCTExV3Y8To7CiFZb5d8nGmmwdfgdMFwiWMGqK775eA4ckCdMug

NVCI4lO46TY49D/825tOKArByQmMm+48KDDtxxCdACfVhHw4KjP1DBMTPuoyDJKG

FeayQbu1D9X/XY8lsqBHoQ6DN46EE/uLMN9EFoQvCFyWAijfLrQehzgefM7cbJ4X

Z10HMi63q1885gZCiDW2Z58c14u6HEIyy1RigP2TQYi8NZ9IKY5pWOnpUQEPoi3Y

/GVwCi1/eoGnW7tPpVeAAbMfZSyxQx+9MXzklSLgHvP/IxH2z7bPdhbjfY1gx8CC

F8jpUqFF88GLt4P+4vsL++GW14twhDltYpJOM1m3Y2mTP9UILIpbk0yccxRdrFXB

KpajGGd/BKkhU/PlAegAgh2zFKtRN5khCMMp1G6UIoZrhnGY6DM=

=Qdfe

—–END PGP SIGNATURE—–